Closed mraible closed 10 months ago
Maybe ?#{authentication.name}
?
@mshima Yes, this seems to work as expected. I'll create a PR.
The issue that I was having with jHipster 8.1.0 is that the @AuthenticationPrincipal UserDetails userDetails doesn't work as intended anymore (it's null), no matter which variant that I use.
@PostMapping("/upload")
@PreAuthorize("hasAuthority(\"" + AuthoritiesConstants.GROUP_USER + "\")")
public ResponseEntity<TextExtractionResponse> uploadFile(
@RequestParam("file") MultipartFile multipartFile,
@AuthenticationPrincipal UserDetails userDetails
) throws IOException {
Optional<User> userOptional = userService.findOneByLogin(userDetails.getUsername());
Optional<UserCompany> userCompanyOptional = userCompanyService.findByUser(userOptional.get());
UserCompany userCompany = userCompanyOptional.get();
...
}
This is bad...
Overview of the issue
I started updating my jhipster8-demo project today to QA everything before the 8.1.0 release. To add more security around blogs and entries, I modified
BlogResource.java
and thegetAllBlogs()
method.Before:
After:
The
findByUserIsCurrentUser()
method is generated by JHipster in theBlogRepository
class.When I try to fetch the blogs from the UI, the error is:
Motivation for or Use Case
This worked with JHipster 7.
Reproduce the error
Here's my
.yo-rc.json
:And the JDL:
Suggest a Fix
Spring Security's docs seem to indicate a
SecurityEvaluationContextExtension
bean is needed. I tried adding one toSecurityConfiguration.java
, but it does not help:JHipster Version(s)
8.0.0